Secure and bandwidth-conscious transmission of model updates is a central bottleneck in distributed machine learning. Existing secure aggregation and homomorphic encryption pipelines either reveal more than the task requires or incur prohibitive computation and communication costs. We introduce a verifiable functional encryption (VFE) framework that releases only the intended linear functions of client gradients while providing end-to-end integrity and privacy guarantees under standard lattice assumptions. Our instantiation, FlowAgg-FE, combines two novel components. First, KS-IPFE, a key-splittable inner-product FE scheme, supports per-round weighted aggregation, vector packing, and on-the-fly function changes without client re-encryption; function keys are distributed across two non-colluding helpers, eliminating a single point of trust and enabling lightweight, homomorphically verifiable tags on decrypted outputs. Second, PaS-Stream is a rate-adaptive encryption-and-compression pipeline that couples sketch-based gradient compression with batched FE ciphertext streaming, ensuring unbiased aggregation in the presence of stragglers and dropouts. We further bind client-side clipping to zero-knowledge range proofs and offer an optional differentially private release layer that composes with FE to yield (ε,δ)-privacy. A prototype based on LWE demonstrates practicality across cross-device and cross-silo training: client uplink is reduced by 1.9–3.4× and server CPU time by 1.6× versus state-of-practice encrypted secure aggregation, with accuracy within 0.3% of plaintext baselines and correctness preserved under up to 30% client dropout. These results show that verifiable FE can make secure, communication-efficient gradient transmission viable, as appropriate for theme of security and privacy in distributed machine learning of the Special Issue.
Tan et al. (Wed,) studied this question.